This privacy policy has been compiled to better serve those who are concerned with how their 'Personally Identifiable Information' (PII) is being used online. PII, as described in US privacy law and information security, is information that can be used on its own or with other information to identify, contact, or locate a single person, or to identify an individual in context. Please read our privacy policy carefully to get a clear understanding of how we collect, use, protect or otherwise handle your Personally Identifiable Information in accordance with our website.

In accordance with the General Data Protection Regulation adopted by the European Parliament on April 14, 2016, we inform you of the following points:

What personal information do we collect from the people that visit our blog, website or app?

When ordering or registering on our site, as appropriate, you may be asked to enter your name, email address, mailing address, phone number, credit card information or other details to help you with your experience.

We may receive and collect certain Information furnished by the visitor's browser or otherwise by their access device (“Device Information”), such as: Browser Information, Operating System Information, Mobile Device Information (e.g., device identifier, mobile operating system, etc.), IP address (stored in anonymized form), Page Accessed, Geographic Location, Time of visit (by day, week, and duration), Whether the visitor is a new or return visitor, Other such Information as may be delivered or shared by the applicable browser or access software or device.

When do we collect information?

We collect information from you when you place an order, subscribe to a course or newsletter, fill out a form or enter information on our site.

Length of retention

The retention period depends on the purpose for which the data is being processed and takes into account regulations which impose a specific retention period for certain categories of data, possible time limits as well as CNPD or national organizations recommendations regarding certain types of data processing (storing cookies for 13 months according to CNIL recommendations...).

How do we use your information?

We may use the information we collect from you when you register, make a purchase, sign up for our newsletter, respond to a survey or marketing communication, surf the website, or use certain other site features in the following ways:

• To administer a contest, promotion, survey or other site feature.

• To quickly process your transactions.

• To send periodic emails regarding your order or other products and services.

• To follow up with them after correspondence (live chat, email or phone inquiries)

How do we protect your information?

Your personal information is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, the entire website, including all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.

We implement a variety of security measures when a user places an order enters, submits, or accesses their information to maintain the safety of your personal information.

All transactions are processed through a gateway provider and are not stored or processed on our servers.

We advise you to have a normally diligent, prudent and informed behavior. Everyone has a part to play in data security and privacy. For this reason, we recommend that you avoid communicating passwords to others, and that you log out of your accounts (especially if these accounts are linked) and close your browser window when leaving our website, especially when using a public device to access the internet. This way, other users will not be able to access your personal information.

We strongly advise against communicating any document issued by us that contains your personal details to third parties or posting such documents on social media.

You also have the right to receive help from the CNPD (Commission Nationale pour la Protection des Données) in the event of a violation of the regulations regarding Personal Data and, more specifically, the GDPR.

How can I exercise my privacy rights?

As outlined in European regulation on privacy law, you have the right to view, change, delete, or contest any data pertaining to you, as well as to limit, withdraw and refuse the transmission of your personal data.

To help you with this procedure, especially if you wish to exercise your rights above in a written request by post to the postal address, you will find a model letter prepared by the Commission Nationale pour la Protection des Données (the CNPD – the Luxemburgish National Commission for Data Protection.) by clicking on the following link:

- Rights of access and communication of data

You can access your Personal Information. However, for reasons of security and confidentiality in the processing of personal data, which is our responsibility, you are informed that your request will be processed subject to proof of your identity, notably by providing a scan of your valid identity document (in the case of a request using our dedicated e-form) or a signed photocopy of your valid identity document (where the request is made in writing). We inform you that where necessary, we reserve the right to refuse all requests that are clearly abusive, (where requests are numerous, repetitive or systematic).

- The right of data rectification

In accordance with this right, regulations state that you can ask to rectify, update, lock or delete your personal data, which may in some cases be inaccurate, erroneous, incomplete or out of date. You can also define general and particular directives relative to personal data to be carried out following your death. Where applicable, heirs of a deceased individual can demand that the death of that person be taken into consideration and/or to proceed to any necessary updates.

- Right of objection

The exercise of this right is only possible in the following cases: When the right of objection is founded on legitimate reasons; or When the right of objection is intended to block the use of information collected being used for the purposes of commercial prospection.

- Right of deletion

Furthermore, you have the legal right to decide what happens to your personal data in the case of death. Moreover, any person under the age of 16 at the time the personal data was collected may request that the data be deleted at the earliest opportunity.

- Requests to exercise this right must be addressed to:

EasyTECH Sàrl

5, um Kallek

Schuttrange, 5369 Luxembourg

Or via email: info(at)easytech.lu

Please provide details including your full name and e-mail address in order for us to be able to identify you, as well as any other relevant information to confirm your identity.

- Requests or complaints in case of violation can be addressed to:

Commission nationale pour la protection des données

Service des réclamations

1, avenue du Rock’n’Roll

L-4361 Esch-sur-Alzette

Data transfer outside the European Union

Some of the parties mentioned above may be located outside the European Union and have access to all or some of the personal data collected (name, etc.) in order to fulfill the contract or comply with specific legal requirements.

In this case, we guarantee a high level of data protection according to the most stringent rules, with respect in particular to signing contractual clauses, on a case-by-case basis, based on the European Commission template, or other mechanisms in compliance with the GDPR, whenever your personal data is processed by a service provider outside the European Economic Area and whose country is not considered by the European Commission to implement a sufficient level of protection.

Tools allow us to process your information and involve their transfer outside the EU:

- Microsoft, in the USA who complies with the EU-U.S. Privacy Shield Framework as set forth by the U.S. Department of Commerce regarding the collection, use, and retention of personal information transferred from the European Union to the United States for Office 365 (messenger, GED desktop tools).

However, if you are visiting the Our Website from a country other than the Luxembourg the various communications will necessarily result in the transfer of information across international boundaries. By visiting the Our Website, as applicable, you consent to the processing and transfer of your data as set out in this Privacy Policy.

Data Controller and Data Processor

We do not own, control or direct the use of any of the Client Data stored or processed by a Client or User via the Service. Only the Client or Users are entitled to access, retrieve and direct the use of such Client Data. We are largely unaware of what Client Data is actually being stored or made available by a Client or User to the Service and does not directly access such Client Data except as authorized by the Client, or as necessary to provide Services to the Client and its Users.

Because we do not collect or determine the use of any Personal Data contained in the Client Data and because it does not determine the purposes for which such Personal Data is collected, the means of collecting such Personal Data, or the uses of such Personal Data, we are not acting in the capacity of data controller in terms of the European Union’s General Data Protection Regulation (Regulation (EU) 2016/679, hereinafter “GDPR”) and do not have the associated responsibilities under the GDPR. We should be considered only as a processor on behalf of its Clients and Users as to any Client Data containing Personal Data that is subject to the requirements of the GDPR. Except as provided in this Privacy Policy, we do not independently cause Client Data containing Personal Data stored in connection with the Services to be transferred or otherwise made available to third parties, except to third party subcontractors who may process such data on our behalf in connection with our provision of Services to Clients. Such actions are performed or authorized only by the applicable Client or User.

The Client or the User is the data controller under the Regulation for any Client Data containing Personal Data, meaning that such party controls the manner such Personal Data is collected and used as well as the determination of the purposes and means of the processing of such Personal Data.

We are not responsible for the content of the Personal Data contained in the Client Data or other information stored on its servers (or its subcontractors’ servers) at the discretion of the Client or User nor are we responsible for the manner in which the Client or User collects, handles disclosure, distributes or otherwise processes such information.

Do we use 'cookies'?

Yes. Cookies are small files that a site or its service provider transfers to your computer's hard drive through your Web browser (if you allow) that enables the site's or service provider's systems to recognize your browser and capture and remember certain information. For instance, we use cookies to help us remember and process the items in your shopping cart. They are also used to help us understand your preferences based on previous or current site activity, which enables us to provide you with improved services. We also use cookies to help us compile aggregate data about site traffic and site interaction so that we can offer better site experiences and tools in the future.

We use cookies to:

• Help remember and process the items in the shopping cart.

• Understand and save user's preferences for future visits.

• Compile aggregate data about site traffic and site interactions in order to offer better site experiences and tools in the future. We may also use trusted third-party services that track this information on our behalf.

You can choose to have your computer warn you each time a cookie is being sent, or you can choose to turn off all cookies. You do this through your browser settings. Since browser is a little different, look at your browser's Help Menu to learn the correct way to modify your cookies.

If users disable cookies in their browser:

If you turn cookies off, some of the features that make your site experience more efficient may not function properly.

Third-party disclosure

We do not sell or trade to outside parties your Personally Identifiable Information.

Third-party links

Occasionally, at our discretion, we may include or offer third-party products or services on our website. These third-party sites have separate and independent privacy policies. We therefore have no responsibility or liability for the content and activities of these linked sites. Nonetheless, we seek to protect the integrity of our site and welcome any feedback about these sites.

Google

We use Google Analytics on our website.

We, along with third-party vendors such as Google use first-party cookies (such as the Google Analytics cookies) and third-party identifiers together to compile data regarding user interactions as they relate to our website.

Opting out:

Users can opt out by using the Google Analytics Opt Out Browser add on.

Third-party web services

We use third-party web services to collect and automatically transfer your Personally Identifiable Information in order to be more efficient and better serve you.

The information entered into the form available on the Contact page is stored in Wufoo and transferred automatically to G Suite, to Podio (our CRM) and to ConvertKit (our e-mail marketing tool).

California Online Privacy Protection Act

CalOPPA is the first state law in the nation to require commercial websites and online services to post a privacy policy. The law's reach stretches well beyond California to require any person or company in the United States (and conceivably the world) that operates websites collecting Personally Identifiable Information from California consumers to post a conspicuous privacy policy on its website stating exactly the information being collected and those individuals or companies with whom it is being shared. - See more at: http://consumercal.org/california-online-privacy-protection-act-caloppa/#sthash.0FdRbT51.dpuf

According to CalOPPA, we agree to the following:

Users can visit our site anonymously.

Once this privacy policy is created, we will add a link to it on our home page or as a minimum, on the first significant page after entering our website.

Our Privacy Policy link includes the word 'Privacy' and can easily be found on the page specified above.

You will be notified of any Privacy Policy changes:

• On our Privacy Policy Page

You can change your personal information:

• By emailing us

How does our site handle Do Not Track signals?

We honor Do Not Track signals and Do Not Track, plant cookies, or use advertising when a Do Not Track (DNT) browser mechanism is in place.

Does our site allow third-party behavioral tracking?

It's also important to note that we do not allow third-party behavioral tracking.

COPPA (Children Online Privacy Protection Act)

When it comes to the collection of personal information from children under the age of 13 years old, the Children's Online Privacy Protection Act (COPPA) puts parents in control. The Federal Trade Commission, United States' consumer protection agency, enforces the COPPA Rule, which spells out what operators of websites and online services must do to protect children's privacy and safety online.

We do not specifically market to children under the age of 13 years old.

Fair Information Practices

The Fair Information Practices Principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice Principles and how they should be implemented is critical to comply with the various privacy laws that protect personal information.

In order to be in line with Fair Information Practices we will take the following responsive action, should a data breach occur:

We will notify you via email

• Within 7 business days

We also agree to the Individual Redress Principle which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.

CAN SPAM Act

The CAN-SPAM Act is a law that sets the rules for commercial email, establishes requirements for commercial messages, gives recipients the right to have emails stopped from being sent to them, and spells out tough penalties for violations.